IT Audits & Compliance

3 to 5 Years of experience: 2 Resources

• The candidate must have experience in IT auditing, IT risk management, or related fields.

• Plan, execute, and report on internal IT audits.

• Proficiency in compliance with frameworks like ISO 27001, SOC 2, PCI DSS, ITGC, or

other relevant standards.

• Hands-on experience conducting on-site and remote assessments of third-party vendors to

evaluate their security posture and related controls.

• Must be CISA certified.

• Proficiency in MS Office Suite with experience in creating and presenting dashboards and

reports.

• Comfortable to travel for on-site visits to the client side for audit purposes.

• Evaluate the effectiveness of IT controls, identify risks, and provide recommendations for

improvement.

• Proficiency in compliance with frameworks like ISO 27001, SOC 2, PCI DSS, ITGC, or

other relevant standards.

• Conduct regular access reviews to ensure users have appropriate access levels based

on their roles.

• Evaluate the effectiveness of access controls in safeguarding sensitive information.

• Recommend improvements for identity and access management (IAM) processes.

• Perform internal risk assessments to identify vulnerabilities and ensure timely mitigation

strategies.

• Work closely with IT, legal, and business teams to address audit findings and track

remediation efforts.

• Must have the capability to represent the audit reports to Management.

• Stay updated on the latest developments in IT audit and compliance practices.